9/11 And DDoS Alerts For Banks & Agencies

Reading the article above, the first thought which comes to mind is that it’s always the same old story ~ warning after warning after warning, as though security is something we can do on an ‘per warning’ basis. I really don’t understand this way of approaching security. I’m not saying we shouldn’t be warned, not at all. What I am saying is that we shouldn’t wait for a warning before we do something about security.

The FBI recommendations also leave me perplexed:

– Implement backup and recovery plans – really? We’re supposed to wait for a warning on a 9/11 DDoS threat to know that we need to do this? We’re in serioustrouble if that’s the case.

– Scan and monitor emails for malware – again, really? This is a recommendation? Could there really be some people out there who still don’t do this? If that’s the case, I say, they deserve whatever happens to their network.

– Outline DDoS mitigation strategies – finally, something a little more relevant. I know for a fact that most companies aren’t putting much thought into DDoS defense strategy. Unfortunately, if you’re hosting a server with public access, you’ve no choice but to consider this with the utmost seriousness. Just how seriously, you ask? Well, that all depends on how much of your company’s livelihood hinges on that server.

It’s an undeniable fact of our Internet life that these things will_keep_happening. No matter if it’s 9/11 or OpUSA or a private single hacker from Russia or China. They’ll continue to happen, and we all understand the need to be prepared.

DDoS preparedness is accomplished as a strategy – it involves hardware, large bandwidth, ISP collaboration, remote redundancy and other possible strategies for defense and elusion. This isn’t anti-malware, you can’t create a signature or heuristic against DDoS. This is sheer brute force in that you win if you’re stronger, or because you’re the more elusive so they can’t get you.

And that’s precisely why you need a strategy, and you need to plan it now.